The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security
SecurityWeek, archived Apr 09, 2026
Beyond monitoring and compliance, visibility acts as a powerful deterrent, shaping user behavior, improving collaboration, and enabling more accurate, data-driven security decisions. The post The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security appeared first on SecurityWeek.
Unfortunately, we have a problematic and unstable neighbor. Without getting into details, he often yells obscenities, threatens physical harm, threatens property damage, and other such undesirable things. Sadly, involving the police from time to time and getting two restraining orders did not discourage this neighbor from his outbursts and threats.
The police and courts explained to us that a healthy person is afraid of the law. This is logical – most of us don’t commit crimes, and this is partly because we are afraid of the consequences. But when a person is unstable and believes that they can talk their way out of anything as long as it is your word against theirs, there is little recourse. In other words, if a person is careful to behave badly only when there is no record of that behavior, it is very difficult for the police and courts to do much about it.
Even given this, we have, thankfully, had several months of quiet. How so? We found something that the troublesome neighbor did fear – being caught on camera. We installed home security cameras, and nearly instantly, we had complete quiet. We went from constant unpleasantness to total quiet overnight. In fact, one of the first videos we collected on one of our home security cameras was of our problematic neighbor approaching our door, realizing we had installed a home security camera, and then quietly walking away rather than launching into a tirade. Since then, quiet.
Why am I sharing this story? I believe that there is an important security lesson we can learn from this. Namely, the importance of visibility – not merely for compliance, audit, security monitoring, and other reasons that we are likely all familiar with. But beyond that, like in the case of our troublesome neighbor, visibility keeps people and teams honest, and that can bring huge benefits for the security organization.
Before getting into the benefits for the security organization, it is worth clarifying what I am referring to when I mention visibility. When thinking about visibility, it is important to remember the need to see what is happening at all layers: not just the network, endpoints, and access logs, but also the application layer. This includes detailed insight into both traffic traversing the API infrastructure and traffic leveraging AI capabilities. Without this, it is nearly impossible to properly monitor applications, never mind detect, investigate, and respond to any incidents that may occur.
As I mentioned above, there are other benefits to visibility beyond those we are most familiar with. What are some of these additional benefits? There are many, but here are a few of my favorites:
Improved relationships: It’s no secret that security teams and application owners don’t always have the best relationships inside an enterprise. Improving this relationship is, naturally, a goal of many security teams. Yet, in many cases, this is easier said than done. This is where data can help, be it from application traffic, API Discovery, vulnerability scanning, red team, or otherwise. When the discussion around the relationship between the security team and the application team is a data-driven one, it is often more impactful. Presenting real data that shows real risk (rather than generic information) serves as a great catalyst for moving a relationship forward. This is a great bonus that visibility brings to an enterprise.
Better user behavior: While we would like to believe that people will behave as desired even when not being watched, this is unfortunately not reality. In the analog world, people usually behave better when they believe they are being watched. For example, speed cameras on roadways generally keep vehicle speeds down. Similarly, in the digital world, when users understand that their activities are being watched, they usually behave better as well. They are less likely to visit inappropriate sites, engage in questionable activities, violate policies, install unvetted third-party software, or engage in other such risky behaviors. This is another great benefit to visibility.
More informed decision-making: The most sound decisions are data-driven ones. Of course, the more complete and accurate the data upon which decisions are based, the more informed those decisions will be. While complete knowledge and total visibility are impossible, there is usually still plenty of room for improvement within most enterprises. It takes some effort, but investing the time and resources required to identify and address gaps in visibility brings many rewards. One of them is vastly improved decision-making.
More accurate risk assessment: At its core, security is about managing and mitigating risk. The more visibility a security team has, the better the input to the risk management process will be. With better input to this process comes more accurate risk assessment, which is a huge win for the security team. Yet another bonus that comes from improved visibility.
Modern enterprises are complex, sprawling, and messy. They often operate with hybrid and multi-cloud infrastructure. This can make it far more difficult than it used to be for enterprises to get adequate visibility at all required layers, including the application layer. While it is a significant investment in time and resources, identifying and addressing gaps in visibility brings with it many rewards. We in the security community discuss some of those rewards frequently. But there are additional, bonus benefits to improved visibility that are also worth considering.
WRITTEN BY
Joshua Goldfarb
Joshua Goldfarb (Twitter: @ananalytical) is currently Field CISO at F5. Previously, Josh served as VP, CTO - Emerging Technologies at FireEye and as Chief Security Officer for nPulse Technologies until its acquisition by FireEye. Prior to joining nPulse, Josh worked as an independent consultant, applying his analytical methodology to help enterprises build and enhance their network traffic analysis, security operations, and incident response capabilities to improve their information security postures. He has consulted and advised numerous clients in both the public and private sectors at strategic and tactical levels. Earlier in his career, Josh served as the Chief of Analysis for the United States Computer Emergency Readiness Team (US-CERT) where he built from the ground up and subsequently ran the network, endpoint, and malware analysis/forensics capabilities for US-CERT.